CVSS: 9.8EPSS: 26%CPEs: 7EXPL: 0CVE-2006-1724
https://notcve.org/view.php?id=CVE-2006-1724
14 Apr 2006 — Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2006-1772
https://notcve.org/view.php?id=CVE-2006-1772
13 Apr 2006 — debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361775 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2006-1564
https://notcve.org/view.php?id=CVE-2006-1564
31 Mar 2006 — Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359234 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2006-1565
https://notcve.org/view.php?id=CVE-2006-1565
31 Mar 2006 — Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359239 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2006-1566
https://notcve.org/view.php?id=CVE-2006-1566
31 Mar 2006 — Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359241 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1376
https://notcve.org/view.php?id=CVE-2006-1376
24 Mar 2006 — The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358210 •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2006-0050
https://notcve.org/view.php?id=CVE-2006-0050
23 Mar 2006 — snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. • http://secunia.com/advisories/19318 •
CVSS: 8.8EPSS: 3%CPEs: 39EXPL: 0CVE-2006-1244
https://notcve.org/view.php?id=CVE-2006-1244
15 Mar 2006 — Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE... • http://secunia.com/advisories/18948 •
CVSS: 7.5EPSS: 7%CPEs: 3EXPL: 0CVE-2006-0042
https://notcve.org/view.php?id=CVE-2006-0042
18 Feb 2006 — Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity. Vulnerabilidad no especificada en las funciones (1) apreq_parse_headers y (2) apreq_parse_urlencoded en Apache2::Request (Libapreq2) en versiones anteriores a 2.07 permite a atacantes remotos provocar una denegación de servic... • http://secunia.com/advisories/18846 •
CVSS: 9.1EPSS: 7%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •